Cisco SD-WAN Bug Actively Exploited
Digest
CISA has issued a warning regarding a critical Cisco SD-WAN vulnerability (CVE-2026-20127) that has been actively exploited since 2023, allowing attackers to establish rogue peering sessions and gain unauthorized access. Researchers demonstrated how an MCP vulnerability could lead to remote code execution and Azure tenant takeover, highlighting MCP's role in agentic AI. Separately, the hacking group Shiny Hunters leaked 12.4 million records from Car Gurus, containing names and emails that could facilitate sophisticated phishing and fraud. In a positive development, an Ontario resident successfully recovered funds lost to a tech support scam due to effective collaboration between the Ontario Provincial Police and the U.S. Secret Service.
Outlines
Cisco SD-WAN Vulnerability and Agentic AI Risks
CISA warns of a critical Cisco SD-WAN vulnerability (CVE-2026-20127) exploited since 2023, allowing unauthorized access. RSA researchers demonstrate how an MCP vulnerability could lead to remote code execution and Azure tenant takeover, with MCP being crucial for agentic AI.
Car Gurus Data Breach and Tech Scam Recovery
Shiny Hunters published 12.4 million records from Car Gurus, including names and emails, posing risks for phishing and fraud. An Ontario resident recovered funds from a tech support scam due to cooperation between law enforcement agencies.
Keywords
CVE-2026-20127
A critical vulnerability in Cisco Catalyst SD-WAN controller products, enabling attackers to bypass authentication and establish rogue peering sessions for unauthorized access.
Agentic AI
AI systems that act autonomously on behalf of users. MCP (Model Context Protocol) is a key enabler for agentic AI, standardizing data sharing and actions for LLMs.
Shiny Hunters
A hacking group known for distributing large datasets from data breaches, including the Car Gurus incident, increasing the risk of secondary fraud.
Tech Support Scam
Fraudsters impersonate tech support to trick victims into paying for unnecessary services or granting remote access, often using urgency and fear tactics.
Car Gurus Data Breach
Leak of 12.4 million records from Car Gurus, including names and emails, potentially leading to more credible phishing attacks and fraud due to linked purchase intent.
MCP (Model Context Protocol)
A protocol that standardizes how LLMs access enterprise data and perform actions, crucial for agentic AI but carrying risks like over-permissioning and prompt injection.
Cross-border Cybercrime Recovery
Successful recovery of funds lost to cybercrime through cooperation between international law enforcement agencies, as seen in the Ontario tech support scam case.
Q&A
What is the critical vulnerability affecting Cisco SD-WAN and what are the implications?
The vulnerability, CVE-2026-20127, allows attackers to bypass authentication and gain unauthorized access to Cisco Catalyst SD-WAN controllers. Exploitation since 2023 means potential long-term compromise.
How does MCP enable agentic AI, and what are the associated risks?
MCP standardizes how LLMs access data and act on behalf of users, crucial for enterprise AI. Risks include over-permissioned servers, prompt injection, and a demonstrated path to remote code execution and tenant compromise.
What information was compromised in the Car Gurus data breach, and why is it significant?
12.4 million records, including names and emails, were leaked. This data, tied to vehicle shopping and financing intent, can make phishing attacks more credible and increase the risk of fraud.
How was a tech support scam victim able to recover their funds?
Cooperation between the Ontario Provincial Police and the U.S. Secret Service allowed investigators to trace and freeze the funds before they were fully laundered, demonstrating successful cross-border cybercrime recovery.
Show Notes
Cisco SD-WAN Bug Actively Exploited, MCP Azure Takeover Demo, CarGurus Data Leak, and Secret Service Scam Recovery
Host Jim Love covers four cybersecurity stories: CSA warns a critical Cisco Catalyst SD-WAN controller vulnerability (CVE-2026-20127) has been exploited since 2023, enabling authentication bypass and rogue peering sessions, and orders U.S. federal agencies to inventory systems, collect logs and forensic artifacts, hunt for compromise, and apply Cisco's fixes by 5:00 PM ET on February 27, 2026, with no workarounds. At RSA, researchers show how flaws in Model Context Protocol (MCP)—a key integration layer for agentic AI—could lead to remote code execution and even Azure tenant takeover, highlighting rising enterprise risk. ShinyHunters reportedly published 12.4 million stolen CarGurus records, raising phishing and fraud concerns tied to vehicle shopping and financing context. Finally, an Ontario tech support scam victim recovers funds through coordinated work by Ontario Provincial Police and the U.S. Secret Service, which traced and froze the money in time.
Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst
LINKS
Cisco Advisory
Cisco Security Advisory – CVE-2026-20127
Authentication bypass vulnerability in Cisco Catalyst SD-WAN
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk
CISA Supplemental Hunt and Hardening Guidance (Cisco SD-WAN Systems)
https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems
Threat Hunt Guide (Technical PDF)
Cisco SD-WAN Threat Hunt Guide (jointly referenced in federal guidance)
https://media.defense.gov/2026/Feb/25/2003880299/-1/-1/0/CISCO_SD-WAN_THREAT_HUNT_GUIDE.PDF
00:00 Sponsor Message
00:19 Cisco SD-WAN Under Attack
02:48 MCP Azure Takeover Demo
05:28 CarGurus Data Dump
07:16 Secret Service Scam Recovery
09:24 Closing Sponsor Thanks
Table of contents
United States
